Job Description

The candidate is expected to work in the privacy and compliance vertical within information security and support internal and external audits. The candidate is expected to play the primary responder role for enterprise incident management process. The candidate is expected to support client security requests such as responding to RFIs / RFPs / Security Questionnaires The candidate is expected to collaborate with global business operations and support functions to assess effectiveness of information security controls and provide recommendations for continual security enhancements. The candidate should have good communication and presentation skills, can work well independently and with other teams, and be available for travel on an as needed basis. The candidate can support the continued use of automation wherever possible to improve efficiency and accuracy of the risk management program. Ability and desire to work in a fast paced, test-drive, agile, collaborative and iterative programming environment. Ability to think clearly and articulate your vision with the appropriate technical depth. Responsibilities 1. Audit Assist in coordination and remediation of all audits including internal, client, and certification audits. Assist in coordination of enterprise security certifications such as ISO 27001, HITRUST, SOC2 Type2, Cyber Essentials Plus, etc 2. Incident Response Assist with incident response program from management of the incident to remediation, reporting and tracking. 3. Client security requests Work as a team player to contribute towards client security enquiries by working with internal business and support functions. 4. Security and Privacy Impact Assessment Perform vendor risk and security profile assessments, evaluate vendor responses including the potential for creating action items and maintain records. 5. Business InfoSec Support Reviewing Business Unit security posture via virtual or on-site visits or walkthroughs as deemed necessary. Assist in implementing new technologies in collaboration/ coordination with Group security and local / regional IT teams. Build and maintain workflows and business processes regarding all aspects of responsibilities. Qualifications Requirements/Qualifications: Bachelor s degree Knowledge of internal audits, incident response process, risk management, vendor risk management. Experience and knowledge of Cyber Security Privacy Frameworks such as GDPR, HIPAA, CCPA, NIST, ISO 27001, SOC2 Type2, etc Experience handling projects and involvement with audits.

foundit